<?php
// Submits new and changed inquiry data to the database.

session_start();
if ( ! isset( $_SESSION['adminLoggedIn'] ) ) {
   exit;
}

require_once("db.php");
  
// Is there data coming in?
if ( isset($_POST['primaryKey'] ) ) {
    
   $name = mysql_real_escape_string($_POST['name']);
   $applied = $_POST['applied'];
   $given_up = $_POST['given_up'];
   $ndgs = $_POST['ndgs'];
   $email = mysql_real_escape_string($_POST['email']);
       
   // Are we inputing new data?
   if ($_POST['primaryKey'] == '-1') {
      
      $query = "insert into gs_inquiries (name, applied, given_up, ndgs, email) 
         values ('$name', $applied, $given_up, $ndgs, '$email')";
      $result = my_mysql_query($query);
      
      // Yes, this might lead to a race condition...
      $id = mysql_insert_id();
      $date = $_POST['newContact'];
      
      $query = "insert into gs_followups (inquiry_id, date) values ($id, '$date')";
      $result = my_mysql_query($query);
   }
   
   // Or are we updating an existing record?
   else {
            
      $id = $_POST['primaryKey'];
     
      $query = "update gs_inquiries set name='$name', applied=$applied, 
      given_up=$given_up, ndgs=$ndgs, email='$email' where id=$id";
      $result = my_mysql_query($query);
      
      $date = $_POST['newContact'];
      if ( strlen($date) > 0 ) {
         $query = "insert into gs_followups (inquiry_id, date) values ($id, '$date')";
         $result = my_mysql_query($query);
      }
   }
}

?>